Decompile-resistant DLL (Delphi)
Tell me, are there any mechanisms today for writing a DLL in Delphi that could not be decompiled - if so, please give me information or some correct links to information on which version of Delphi and how it can be done?
2 answers
In addition to what @Alekcvp and @cpp_user said, I can add this:
Option №1.
We cut out all the debugging information and compile it into the release version. In addition, we cut out the entire rtti. This makes your code relatively "clean". Well, there are not big "flaws" here":
- The compiler will still insert rtti from the standard libraries. This can be cured by recompiling rtl, but it is difficult.
- The code can use procedures such as SetLength/New/Dispose, and so on. All of them need an rtti of the type of variable being passed, that is, the rtti for such variables will be in the binary.
- The classes themselves inside the binaries have some information without rtti, such as the class name, a list of fields (without names) for auto-release.
What are the advantages:
Free
Filters out all the molten ones
What are the disadvantages:
- Versed at least a little the spec will parse the binary without any problems
Option №2
We take another language. For example, C++ or similar. Not much different from the previous one in terms of hacking, but the information in the binary is usually an order of magnitude less, by default.
What are the advantages:
Free
Due to all sorts of optimizations, C++ may not complicate the process of parsing the binary much in comparison with the previous version.
What kind cons:
A professional will figure it out without any problems
It is more difficult to write code for C++ (the language is more difficult)
Option №3
We take a side of the means of protection. Here you need to choose the tools that implement protection through a virtual machine in the core of the operating system. All the others (encoders or packers) break very quickly. This is probably the most reliable method if the protection is built locally. But here you need to understand, that such a solution for all your code can greatly reduce performance.
What are the advantages:
- For hacking, you will need a very good specialist and this specialist will probably need a lot of time, and this is a lot of money and there is a chance that they will not break it because of this.
What are the disadvantages:
It costs money(maybe not even a little).
If the virtual machine was hacked(and especially the hacking method lies in internets) all write is gone.
Option №4
You can try to implement secret logic on your server. Here you really need your own server and if there are a lot of clients, then you need a powerful server.
What are the advantages:
- Local hacking is useless, and to get on the server you need a good (expensive) specialist.
What are the disadvantages:
- It costs money(with a large number of customers, it costs crazy ones money).
Everything can be decompiled, but you can confuse the code (generate a bunch of useless hay in which a small needle makes sense) or virtualize part of the code into byte code that will be executed by a virtual machine.